Doing something similar for Linux as it did for Window by adding CVEs assigned to major vendors like Ubuntu and Red Hat, the Linux count goes to 1,752 vulnerabilities. The "Linux kernel" had the most CVEs reported for it at 937, but the "various iterations of Windows are considered different products, while Linux is considered a single product and Mac OS X are considered three products, which further skews the data." But Sourcefire says by combining the CVEs for all versions of Windows except the mobile ones, Windows is pinned with 1,114 vulnerabilities. Sourcefire acknowledges that some may argue with its analysis here. In terms of limiting the rankings to just high-severity vulnerabilities, the list is similar, with Microsoft at the top, and Google added into the group and "Linux" dropped. Sourcefire's report on 25 years of vulnerabilities also tackles what it acknowledges as a "controversial topic" - reviewing vulnerabilities by vendor and open-source software grouping.Īccording to the report's analysis, the "10 worst offenders" from top down were: Microsoft Apple Oracle IBM Sun (acquired by Oracle) Cisco Mozilla Linux HP Adobe. Last year, though, "access-control issues reigned supreme." Buffer overflows are also more likely to have a high-severity rating, with catastrophic consequences leading to wholly compromised networks after an attack. When it comes to the type of vulnerabilities in general for everything, the category of "buffer overflows" is the most predominant at 7,809 occurrences, with cross-site scripting a close second. The iPhone has seen 210 vulnerabilities while Google Android logs in at 24, Windows Mobile at 14 and BlackBerry at 11. When it comes to smartphones, "the Apple iPhone by far has the most vulnerabilities reported for it," Younan says. The good news is that for the first time ever, high-severity vulnerabilities only make up 33% of the vulnerabilities assigned CVEs in the previous decade the average was 45%.
In 2012, a total of 5,281 vulnerabilities were recorded. There was a notable decline in annually-recorded vulnerabilities until 2010. Yves Younan, senior research engineer on Sourcefire's vulnerability research team.
Altimeter: Standby Collins IFIS-5000 integrated flight information.ADF: Dual Collins Cockpit: Honeywell EGPWS w/windshear,ĪFIS: Honeywell SATAFIS system, dual Collins DB Systems audio panels, dual Collins CDU-6200 control displays, dual Collins ADC-3000 air data computers, ADS-B Out, Artex 406-2 ELT w/GPS interface, XM weather, ACARS system, dual Davtron clocks, standby horizon & airspeed indicators
0 kommentar(er)
